Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-08-11 Thread Florian Pflug
On Aug11, 2011, at 09:16 , Peter Eisentraut wrote: > On fre, 2011-07-29 at 11:37 +0200, Florian Pflug wrote: >> On Jul28, 2011, at 22:51 , Peter Eisentraut wrote: >>> On ons, 2011-07-27 at 23:21 +0200, Florian Pflug wrote: On Jul27, 2011, at 23:08 , Peter Eisentraut wrote: > Well, offhand

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-08-11 Thread Peter Eisentraut
On fre, 2011-07-29 at 11:37 +0200, Florian Pflug wrote: > On Jul28, 2011, at 22:51 , Peter Eisentraut wrote: > > On ons, 2011-07-27 at 23:21 +0200, Florian Pflug wrote: > >> On Jul27, 2011, at 23:08 , Peter Eisentraut wrote: > >>> Well, offhand I would expect that passing an XML value to XMLATTRIBU

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-29 Thread Florian Pflug
On Jul28, 2011, at 22:51 , Peter Eisentraut wrote: > On ons, 2011-07-27 at 23:21 +0200, Florian Pflug wrote: >> On Jul27, 2011, at 23:08 , Peter Eisentraut wrote: >>> Well, offhand I would expect that passing an XML value to XMLATTRIBUTES >>> would behave as in >>> >>> SELECT XMLELEMENT(NAME "t",

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-28 Thread Peter Eisentraut
On ons, 2011-07-27 at 23:21 +0200, Florian Pflug wrote: > On Jul27, 2011, at 23:08 , Peter Eisentraut wrote: > > Well, offhand I would expect that passing an XML value to XMLATTRIBUTES > > would behave as in > > > > SELECT XMLELEMENT(NAME "t", XMLATTRIBUTES(XMLSERIALIZE(content '&'::XML > > AS te

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-27 Thread Florian Pflug
On Jul27, 2011, at 23:08 , Peter Eisentraut wrote: > Well, offhand I would expect that passing an XML value to XMLATTRIBUTES > would behave as in > > SELECT XMLELEMENT(NAME "t", XMLATTRIBUTES(XMLSERIALIZE(content '&'::XML > AS text) AS "a")) With both 9.1 and 9.2 this query returns xmlelem

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-27 Thread Peter Eisentraut
On ons, 2011-07-27 at 19:37 +0200, Florian Pflug wrote: > > Per SQL standard, the attribute values may not be of type XML, so > maybe > > we should just prohibit it. > > We probably should have, but I think it's too late for that. I don't > believe I'm the only one who uses XPATH results as attrib

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-27 Thread Florian Pflug
On Jul27, 2011, at 16:18 , Peter Eisentraut wrote: > On tis, 2011-07-26 at 22:44 +0200, Florian Pflug wrote: >> While reviewing the (now applied) XPATH escaping patches, Radoslaw >> found one >> case where the previous failure of XPATH to escape its return value >> was offset >> by XMLATTRIBUTES in

Re: [HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-27 Thread Peter Eisentraut
On tis, 2011-07-26 at 22:44 +0200, Florian Pflug wrote: > While reviewing the (now applied) XPATH escaping patches, Radoslaw > found one > case where the previous failure of XPATH to escape its return value > was offset > by XMLATTRIBUTES insistence to escape all input values, even if > they're > a

[HACKERS] XMLATTRIBUTES vs. values of type XML

2011-07-26 Thread Florian Pflug
Hi While reviewing the (now applied) XPATH escaping patches, Radoslaw found one case where the previous failure of XPATH to escape its return value was offset by XMLATTRIBUTES insistence to escape all input values, even if they're already of type XML. To wit, if you do SELECT XMLELEMENT(NAME "